it means setting the login shell (in /etc/passwd) to /bin/false (which is
equivalent to noshell).
This means that these user IDs (lp, daemon etc.) have no access to any
command line shell - which they don't need anyway as they are not
interactive).
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED].
> NET]On Behalf Of SAGI MINI
> Sent: Monday, January 08, 2001 5:02 PM
> To: [EMAIL PROTECTED]
> Subject: Solaris security shell account
>
>
> There is a suggestion that in order to secure the OS, the
> following need to
> set to noshell:
>
> daemon shell, bin shell, sys shell, adm shell, lp shell, smtp shell, uucp
> shell, listen shell, nobody shell ,etc.
>
> What exactly do they mean by putting shell to noshell. It was
> claimed that
> any process such as lp daemon even without granting a password to the
> account is able to access to the system provided the shell environemnt is
> available.
>
> If such, how the above is possible to achieve and what are those
> configuration need to be considered. Please advise.
>
> regards.
> _________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
- Solaris security shell account SAGI MINI
- Re: Solaris security shell account Harry Behrens
- Re: Solaris security shell account Ron DuFresne
- RE: Solaris security shell account McEwen, Don \(NCI\)
